vulnerability

Oracle WebLogic: CVE-2024-47554 : Critical Patch Update

Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
2024-10-03
Added
2025-01-21
Modified
2025-02-18

Description

Uncontrolled Resource Consumption vulnerability in Apache Commons IO.

The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.

This issue affects Apache Commons IO: from 2.0 before 2.14.0.

Users are recommended to upgrade to version 2.14.0 or later, which fixes the issue.

Solution(s)

oracle-weblogic-jan-2025-cpu-12_2_1_4_0oracle-weblogic-jan-2025-cpu-14_1_1_0_0oracle-weblogic-jan-2025-cpu-14_1_2_0_0
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.